package com.lv.config;

import com.lv.exception.LongExcep;
import com.lv.pojo.TbSeller;
import com.lv.service.SellerService;
import org.apache.dubbo.config.annotation.DubboReference;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;


public class LoginRealm extends AuthorizingRealm {
    @DubboReference
    private SellerService ss;



    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//        //获取登录用户
//        TbSeller user = (TbSeller) SecurityUtils.getSubject().getPrincipal();
//        //根据用户Id获取权限
//        List<String> ulist = ms.getUserListById(user.getUid());
//        System.out.println("...............");
//        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//
//        info.addStringPermissions(ulist);
        return null;
    }
    //Shiro的登录方法
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("=============");
       String salt = "610404";
        UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken;
        TbSeller seller = ss.getInfoByUname(token.getUsername());
        if (!seller.getSellerId().equals(token.getUsername())){
            //说明账号不存在
            return null;
        }
        //校验账号是否审核
        if (!seller.getStatus().equals("1")){
            throw  new LongExcep("账号未审核");
        }
        // principal : 登录成功后的用户对象 , shiro会自动帮我们放入session中
        // 2 , 数据库的密码,shiro会自动进行校验密码是否正确
        // realmName : 可以理解为登陆成功后的用户名
        return new SimpleAuthenticationInfo(seller,seller.getPassword(), ByteSource.Util.bytes(salt),seller.getSellerId());
    }
}
